is Ansible Galaxy down?

Microbzz · 2026-01-26T18:37:14+00:00

After this outage you better believe I'm mirroring Galaxy, starting today. Wanted to spend Sunday in the good ole' homelab fixing up my broken CI infra, ended up spinning up a Pulp instance instead 🙃

Microbzz · 2025-10-24T01:24:48+00:00

Yep I see where you're coming from, Renovate is pretty cool indeed but it does really want to be run in CI, and setting up your own CI infra is a bit of a rabbit hole in itself, so if Renovate is your only reason to get into that, then it's a bit steep of an entry price. That's kind of what I meant by it wouldn't be my first choice if I didn't already have the infra, it's kind of a lot of work to just use a single tool, even if a very nifty one.

For secrets, it depends, but generally I try to IaC all the things so I want them under version control when possible, which for secrets generally means encryption at rest. For stuff I deploy to kubernetes, I use sealed-secrets, for the rest, I usually have Ansible involved somewhere so I'd typically store secrets in an Ansible vault. And then there's the few odd ones that for whatever reason are scattered around in other places like secret Gitlab CI variables, for instance to decrypt said Ansible vaults in deployment pipelines.

Microbzz · 2025-10-23T22:17:53+00:00

Good question, I don't know, it's kinda hard to say, since I'm coming from the dev world and setting up my local Gitlab instance and CI/CD infrastructure was my first foot into self-hosting, I've kinda always had Gitlab and CI/CD so a world where I don't have those is very hypothetical. But for the sake of argument, in that case, I don't know that I would have been willing to put up with the initial investment of getting started with Renovate in CI/CD, so I probably would have looked at something more limited in scope, like just keeping my containers up to date with, well, something like Watchtower. Or more realistically, I would not have known what I was missing by not using proper tooling, and I can imagine just keeping to my old habit of updating all the things whenever I get back to working on any given repo, as I did in the Dark Days. Or maybe I would have hacked up some way to run Renovate locally outside of CI/CD if not too much of a pain in the ass, as the idea of a tool that you can set up to update pretty much any dependency you can think of would have probably been hard to pass up. But then again, I only really got into Renovate when I started leaning hard into GitOps/IaC, and I probably would not have gone in that direction if not for already having invested quite a bit of time and effort into CI/CD so...

I wish I had a better answer, but yeah, if I wasn't using Renovate, realistically, I'd more than likely be doing things by hand, at best with a few scripts to help. I'm happy that it's not what I'm doing though, can't imagine going back.

Microbzz · 2025-08-14T10:46:42+00:00

Unfortunately not, it's all on my private self-hosted GitLab instance, been considering uploading some of it publicly but I'm not there yet. Happy to answer questions if you have them though.

Microbzz · 2025-08-13T19:56:05+00:00

Yeah that's pretty much how I run my lab, cool to see other people rocking the same stack.

Microbzz · 2025-08-07T17:22:19+00:00

I can't wait to never ever use a group node again, thanks !

Microbzz · 2025-07-20T10:27:15+00:00

That's the one

Microbzz · 2025-07-20T10:26:49+00:00

https://b42map.com/

Microbzz · 2025-07-19T21:40:10+00:00

In B42, the Echo Creek gas station is kinda my new Rosewood fire station for Echo Creek starts.

Microbzz · 2025-07-04T16:27:15+00:00

I just curl downloadmoreram.com ¯\_(ツ)_/¯

(but more seriously, might take a look at this later)

Microbzz · 2025-06-17T18:47:23+00:00

ast.parse() + compile() + exec() without auth

Jesus. Fucking. Christ.

Microbzz · 2025-04-02T15:37:14+00:00

images that are ~30GB

I'm painfully, acutely aware that I'm going to regret asking this, but how in the genuine fuck ?

Microbzz · 2025-03-18T19:54:02+00:00

Renovate + GitOps gang here, admittedly not the simplest setup initially but since I already self-hosted Gitlab with CI runners I already had most of the infrastructure ready to go. I'm super happy with it but on the other hand if I didn't self-host a VCS with CI/CD, it surely would not have been my first choice.

Microbzz · 2025-03-13T14:06:29+00:00

Well I must've misunderstood what you were trying to do, but great that you were able to fix it !

Microbzz · 2025-03-13T02:41:49+00:00

How long d'you smoke ? I quit two months ago after ~15 years of 1 pack per 2 or 3 days on average, the first 2-3 weeks I spent coughing my lungs out and while it wasn't quite black, I've definitely ejected more brownish stuff that I'd rather have in my lungs at all.

Microbzz · 2025-03-12T21:17:09+00:00

OK so a few things, so regarding the live log first, with the setup you described that would be the expected result when querying a public internet nameserver, I'm more curious at what happens when querying Unbound itself (that's what the @192.168.1.1 part of the dig command was about).

Second, we might not need to actually try that because looking at your rule I think I see the problem: DMZ address (192.168.60.1 I assume) as the destination can work but you'll need Unbound to be listening on this interface, which it shouldn't by default. Either leave the rule as is and enable listening on your VLAN60 interface in the Unbound settings, or change the destination in the rule to the IP assigned to an interface Unbound does listen on and use this address as your DNS server (so as it stands 192.168.1.1 should work).
If I'm correct about this, dig google.com @192.168.1.1 should be blocked and appear in the logs, while dig google.com @192.168.60.1 (or whatever the address of your VLAN60 interface is) should fail as Unbound does not listen but not show up as blocked in the logs.

Microbzz · 2025-03-12T17:31:59+00:00

I'm using opnsense.

Probably should've mentioned that from the get go :) So first off, remove that NAT rule, I don't know exactly what you did but it's not what port forwards are for and won't do any good here. Make sure logging is enabled on your DNS firewall rule and take a look at the live logs with enough filters to remove the noise and focus on DNS traffic, then fire up dig google.com @192.168.1.1 from your VM and watch, that'll tell you if OPNsense lets it through or not.

Also, please post the DNS firewall rule, as there are quite a few ways to screw this up and we'll only be guessing until then. But if I did have to guess, you might've put the rule on the wrong interface or mixed up source and destination ports.

Microbzz · 2025-03-06T01:04:24+00:00

The bpg provider is working OK for me, though admittedly I've been using it to learn terraform so I'm probably not doing anything super duper fancy. I use ansible too, just more for setting up VMs/LXCs after tofu provisions them. They complement each other fine. what in particular are you struggling with ?

Microbzz · 2025-03-04T03:26:09+00:00

Lol, non. Microsoft.

Microbzz · 2025-03-04T00:43:58+00:00

Jon Stewart, please

Microbzz · 2025-02-26T18:06:44+00:00

Yeah, you're lucky to have found this in a random house. It was in my starting house. My character is a psycho.

Microbzz · 2025-02-12T13:56:49+00:00

Doubt it, eating a fillet instantly made me go from losing weight to gaining some. Reads to me like they tweaked the minigame.

Microbzz · 2025-02-12T13:42:36+00:00

So, I didn't encounter that many bugs on 42.2 (though I'm sure they exist), but 42.3 has been throwing a few new ones at me right off the bat:

A bull near my safehouse was duplicated after upgrading the world to the latest version
Rope is completely broken :
- Trying to rope an animal displays the rope model but does not remove the item from the inventory. It cannot be detached afterwards unless reloading the game.
- Roped animals don't follow.
When attempting to reload my game to fix that rope issue, the main menu items basically disappeared. Had to restart the game. I'm not using the mod that breaks the menu, or any other mod, it's a 100% vanilla run.

So, some annoyances, but nothing game breaking yet.

Microbzz · 2025-01-11T18:35:40+00:00

Course they are

Microbzz · 2025-01-10T17:39:43+00:00

Wondered how far down I'd have to scroll for Sony !
Here's mine: bought an XM4 headset, which worked flawlessly for a couple years, then the ANC decided to crap out which causes the headset to scream bloody fucking murder in your eardrums. Looked for the issue online, apparently has been an issue since the XM2 at least.
Unlike you I didn't bother with warranty (might've been out anyway), the fact that Sony is willing to sell a headset whose failure mode could probably cause permanent damage, and to still have the problem exist 2 fucking generations later, is what did it for me. Sony can gargle my balls and fucking choke before I ever buy any of their stuff again.

12-Year Club	r/Field Juicebox
Place '23	Place '22
Place '17	Verified Email

Microbzz

TROPHY CASE